PRIVACY NOTICE

1.    INTRO 

Data privacy is important to us. This means that we process data about identified or identifiable individuals, which is called personal data, with due care and in accordance with applicable data protection law. 

This Privacy Notice describes how we process personal data we collect from individuals in relation to their use of our website for inquiry and attendance at our events. In legal terms, we are the data controller, as we determine the means and/or purposes of the processing. 

This Privacy Notice covers data processing carried out by our organization. The Privacy Notice does not address, and we are not responsible for, the privacy practices of any third parties, also in cases where services include hyperlinks to third parties’ websites or when cookies are set by third parties.

2.    PERSONAL DATA

The personal data we collect from individuals using our website mostly consists of personal information, such as name, business name, business address, telephone number, email address and other personal information they provide to us. This is mostly information in relation to an individual’s role as a private person or as an individual consumer. These individuals mostly are our prospects, customers, suppliers or partners. The specific kind of user information collected will depend on the services used. 

We use various technologies to collect and process technical data in relation to individual users, including cookies. Cookies are small text files stored on users’ computer by the internet browser. Cookies allow us to calculate the aggregate number of people using our website and monitor the use of our website. This helps us to improve our services and better serve our users. We may use tracking and analytics cookies to see how well our services are being received by our users. Some cookies enable our services to function and inform us whether our services are functioning properly. Our advertising cookies allow us to deliver targeted advertising to people who visit our websites (online behavioural advertising, OBA). Users may choose to set their web browser to refuse cookies, or to alert when cookies are being sent. This can usually be done through internet browser’s settings. Information about how to manage cookies can be found online. Some parts of our services may not function properly if users prefer not to accept the use of cookies.

3.    PURPOSES

We process personal information for the following purposes:

  • to allow us to run, maintain and develop our business,

  • to allow us to offer and provide our services, 

  • to allow us to conduct information and promotional campaigns (including direct marketing) related to our services (including by phone, mail and email), keeping users informed about our services and special offers that are likely to interest them,

  • to allow us to perform the contract we have signed with our customers, suppliers or partners,

  • to allow customer service management,

  • to enhance our services and the use thereof,

  • to perform research and analysis relating to our services, 

  • to perform tracking of the use of our services,

  • to conduct market surveys and/or

  • to detect fraud, e.g. breaches of intellectual property rights.

Should the personal data of the User be provided to us via our prospect, customer, supplier or partner, we shall assume that our prospect, customer, supplier or partner has informed the user of this Privacy Notice.

4.    STORAGE PERIOD

We do not store the personal information for longer than is legally permitted and necessary for the related processing purposes. The storage period depends on the type of personal information, the purposes and the applicable law and therefore varies per use.

Typically, we store user’s personal information for as long as the user is using our services or for as long as we have another purpose to do so and, thereafter, for no longer than is required or permitted by law or necessary for internal reporting and reconciliation purposes. 

We erase personal information after the above described storage period or when the user requests us to erase his/her personal information. 

5.    LEGITIMATE GROUNDS FOR PROCESSING

We process personal information to pursue our legitimate interest to run, maintain and develop our business. Furthermore, we process personal information to comply with our legal obligations. 

In some parts of our services, we might request users’ consent for the processing of their personal information for specific purposes. In that event, users may withdraw their consent at any time. 

6.    RIGHTS OF USERS

Right to access. Any user may contact us to get confirmation as to whether or not we are processing user’s personal information. Where we do process user’s personal information, we will inform user of what categories of personal information we process regarding him/her, the processing purposes, the categories of recipients to whom personal information have been or will be disclosed and the envisaged storage period or criteria to determine that period.

Right to withdraw consent. In case our processing is based on a consent granted by the user, the user may withdraw the consent at any time by contacting us or by using the functionalities of our Services. Withdrawing a consent may lead to fewer possibilities to use our Services. 

Right to rectification. Any user has the right to have inaccurate or incomplete personal data we store about the user rectified or completed. 

Right to object. In case our processing is based on our legitimate interest to run, maintain and develop our business, any user has the right to object at any time to our processing. We shall then no longer process user’s personal information unless for the provision of our services or if we demonstrate other compelling legitimate grounds for our processing that override user’s interests, rights and freedoms or for legal claims. Notwithstanding any consent granted beforehand for direct marketing purposes, any user has the right to prohibit us from using his/her personal information for direct marketing purposes, by contacting us or by using the functionalities of the services or unsubscribe possibilities in connection with our direct marketing messages.

Right to restriction of processing. Any User has the right to obtain from us restriction of processing of User’s personal data, as foreseen by applicable data protection law, e.g. to allow our verification of accuracy of personal data after User’s contesting of accuracy or to prevent us from erasing personal data when personal data are no longer necessary for the purposes but still required for User’s legal claims or when our processing is unlawful. Restriction of processing may lead to fewer possibilities to use our Services. 

Right to data portability. Any user has the right to receive user’s personal information from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party, in case our processing is based on user’s consent and carried out by automated means. 

Right to erasure. Any user has the right to have personal information we process about the user erased from our systems if the personal information are no longer necessary for the related purposes, if we have unlawfully processed the personal information or if the user objects to processing for direct marketing. Any user furthermore has the right to erasure if the user withdraws consent or objects to our processing as meant above, unless we have a legitimate ground to not erase the information.

How to use these rights. To exercise any of the above mentioned rights, user should primarily use the functions offered by our services. If such functions are however not sufficient for exercising such rights, Customer shall send us a letter or email to the address set out below under contact, including the following information: name, address, phone number, email address and a copy of a valid proof of identity. We may request additional information necessary to confirm user’s identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded. 

7.    SECURITY 

We implement and maintain reasonable and appropriate technical and organizational security measures to protect the personal information we process, from unauthorized access, alteration, disclosure, loss or destruction.

8.    RECIPIENTS

We only share personal information within our organization if and as far as necessary for the purposes specified in this Privacy Notice. Our staff members processing personal information are bound to confidentiality. 

We do not share personal information with any third party outside of our organization unless one of the following circumstances applies.

Necessary for the purposes. We may share personal information with third parties to the extent our services foresee such disclosure and users submit their personal information for that purpose, such as through an address book to create connections and facilitate our services. We may furthermore share personal information with our affiliated companies and other service providers that support us in the realization of the purposes specified in this Privacy Notice, such as by performing data hosting, direct marketing and customer services. Our agreements with these service providers foresee privacy and security commitments from these service providers that are no less protective than our own commitments described in this Privacy Notice. If our users provide personal information directly to a third party, such as through a link on our website, the processing is typically based on such third party’s notice.

For legal reasons. We may share personal information with third parties if we have good-faith belief that their access to and use of the personal data is necessary (i) to meet any applicable law and/or court order, (ii) to detect, prevent or otherwise address fraud, security or technical issues, and/or (iii) to protect the interests, properties or safety of us, our Users or the public, in accordance with the law. We will notify users about such disclosure, as far as reasonably possible. 

In relation to corporate restructuring. If we are in a process of merger, acquisition or asset sale, we may transfer personal information to the involved third party. We continue to ensure the confidentiality of all personal information. 

Upon User’s consent. We may share personal information with third parties for other reasons than the ones mentioned above, if we obtained user’s explicit consent to do so. The user has the right to withdraw this consent at any time. 

9.    LOCATION AND TRANSFER 

We and our service providers have operations in several locations in the world. Consequently, we and our service providers may transfer personal information to, or access it from, countries outside user’s country of domicile.

We take steps to ensure that users’ personal information receives an adequate level of protection in the countries in which we process it. 

10.    LODGING A COMPLAINT

In case any user considers our processing of his/her personal information to be inconsistent with applicable data protection law, a complaint may be lodged with the local authority for data protection. 

11.    CHANGES 

This Privacy Notice is dated Feb 01, 2019. We may update this Privacy Notice at any time if required in order to reflect changes in our data processing practices, in personal data protection laws or otherwise. For substantial changes to this Privacy Notice, we will use reasonable endeavors to provide notice thereof.

The English version of this Privacy Notice shall govern in the event of any conflict with or substantial translation changes into a non-English language.  

12.    CONTACT 

Any user having any question or request on this Privacy Notice or our privacy practices, can contact us at admin@hrap.org.ph